US20180083787A1 - System and method for approving transactions - Google Patents

System and method for approving transactions Download PDF

Info

Publication number
US20180083787A1
US20180083787A1 US15/828,089 US201715828089A US2018083787A1 US 20180083787 A1 US20180083787 A1 US 20180083787A1 US 201715828089 A US201715828089 A US 201715828089A US 2018083787 A1 US2018083787 A1 US 2018083787A1
Authority
US
United States
Prior art keywords
payer
merchant
transaction
location
communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US15/828,089
Inventor
Robert W. Peterson
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
OL Security LLC
Original Assignee
OL Security LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by OL Security LLC filed Critical OL Security LLC
Priority to US15/828,089 priority Critical patent/US20180083787A1/en
Assigned to OL SECURITY LIMITED LIABILITY COMPANY reassignment OL SECURITY LIMITED LIABILITY COMPANY MERGER (SEE DOCUMENT FOR DETAILS). Assignors: OSOCAD REMOTE LIMITED LIABILITY COMPANY
Publication of US20180083787A1 publication Critical patent/US20180083787A1/en
Priority to US17/206,689 priority patent/US11831791B2/en
Priority to US18/495,303 priority patent/US20240056315A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/085Payment architectures involving remote charge determination or related payment systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/16Payments settled via telecommunication systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/24Credit schemes, i.e. "pay after"
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3224Transactions dependent on location of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • G06Q30/0601Electronic shopping [e-shopping]
    • G06Q30/0603Catalogue ordering
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/12Accounting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • H04W4/029Location-based management or tracking services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal

Definitions

  • This disclosure relates to systems and methods for approving commercial transaction such as transactions between a merchant and a payer.
  • the disclosure relates to transactions involving credit cards, debit cards, and the like.
  • What is required is an improved system and method for identifying fraudulent attempts to use a payment authorization device based on the location of the device.
  • a method for approving a transaction between a merchant payment device of a merchant and a payer identification device of a payer comprises identifying the payer from the payer identification device at the merchant payment device, identifying a mobile communications device of the payer, communicating with the mobile communications device to receive a communication from the mobile communications device which indicates authentication data, and determining an approval for the transaction from the authentication data.
  • a payment processing system for approving a transaction between a merchant payment device of a merchant and a payer identification device of a payer.
  • the payment processing system may be configured to receive a transaction record that indicates the payer identification device and the merchant payment device.
  • the payment processing system may also be configured to analyze authentication data from a mobile communications device of the payer, approve the transaction using the authentication data, and indicate the approval of the transaction to the merchant payment device.
  • a computer-readable medium comprising computer executable instructions for execution by a processor of a device, that, when executed, cause the processor to read a payment identification device of a payer, identify a mobile communications device of the payer, request authentication information from the mobile communications device, receive the authentication information from the mobile communications device, generate a transaction record incorporating the authentication information, and provide the transaction record to a payment processing system.
  • FIG. 1 illustrates components of a transaction system of the present disclosure
  • FIG. 2 illustrates a method for approving a transaction
  • FIG. 3 illustrates a method for approving a transaction using location data of a payer mobile device
  • FIG. 4 illustrates a method for approving a transaction using transaction history known to a payer mobile device
  • FIG. 5 illustrates a payment processing system process
  • FIG. 6 illustrates a processor and memory of a merchant payment device in communication with a processor and memory of a payment processing system
  • FIG. 7 illustrates an instruction set for executing on the merchant payment device processor of FIG. 6 .
  • FIG. 1 A system 10 in accordance with an embodiment of the disclosure is illustrated in FIG. 1 .
  • a payment processing system 12 that interacts with a merchant payment device 14 through known communications protocols such as TCP/IP, FTP, EFTPOS etc.
  • a payer e.g., a customer
  • the payer identification device may be a credit card, debit card, or other form of account identifier, which in some embodiments, may include a mobile telecommunications device.
  • the merchant payment device 14 e.g., a credit card reader, a Bluetooth radio
  • the merchant payment device 14 may communicate the payer information to the payment processing system 12 for verification.
  • the payment processing system 12 may include a database 13 which stores payer identification including payer name, contact details, account information, credit limit and other required information for verifying transactions of the payer.
  • a mobile telecommunications device 18 of the payer will be available.
  • the ubiquitous nature of mobile devices is taken into account so that the payer's mobile device can be used in the transaction as an additional verification tool.
  • a method for verifying a transaction using a payer's mobile device is shown in the, flowchart 100 of FIG. 2 .
  • the merchant payment device 14 scans, reads or otherwise identifies the payer identification device 16 .
  • a mobile communications device 18 of the payer is identified, e.g., from data associated with the payer identification device 16 , or from other data provided at the transaction, e.g., by communication direct from the payer.
  • the merchant payment device 14 contacts the payer mobile device 18 to request authentication data (step 103 ) which is received at step 104 .
  • the authentication data is then used to determine an approval for the transaction (step 105 ), e.g., by providing the authentication data to a payment processing system 12 .
  • the authentication data may take several forms, including the location of the payer mobile device or previous transaction history of the payer, known to the payer mobile device, which may or may not be known to the merchant payment device.
  • the authentication data may be provided from the payer mobile device to the payment processing service or to the merchant payment device and via any necessary intermediaries such as routers, network providers and the like.
  • the method described in FIG. 2 may be used to tie validation and authorization of a payment transaction to the locations of the entities involved. That is, the method may extend transaction authorization to include geolocation information. If the payer identification device 16 (credit card, debit card, cell phone acting as a credit card, etc.) is present, the geolocation of the payer mobile device 18 is compared during the card processor's authorization processing to other geolocation information, such as the location of the merchant's store, to establish that the person authorized to execute the transaction is in approximately the same location as the payer identification device 16 . In simple terms, if the authorized card holder isn't near the card reader, the transaction should either be declined or additional identity confirmation should be conducted.
  • the payer identification device 16 credit card, debit card, cell phone acting as a credit card, etc.
  • the merchant payment device 14 may be used to read the payer identification device 16 to pay a merchant (step 201 ).
  • the merchant payment device 14 sends to the payment processing system 12 a transaction record (step 202 ) which identifies the payer identification device 16 , the merchant payment device 14 and other details of the transaction such as the amount, time, etc.
  • the transaction record maybe used to determine a geolocation of the merchant payment device (step 203 ).
  • the location of the merchant payment device 14 may be known locally in the payment processing system 12 , e.g., stored in a local database 13 , and may be retrieved from the database 13 using an identity of the merchant or the merchant payment device 14 .
  • the transaction record may include the geolocation of the merchant payment device 14 , e.g., as determined by an internal GPS system of the merchant payment device 14 or other location determination system.
  • the merchant payment device 14 may identify the mobile communications device 18 and request the current location of the mobile communications device 18 (step 205 ) which is received at step 206 and added to the transaction record.
  • the database 13 of the payment processing system 12 may store contact details for the mobile communications device 18 such that steps 204 , 205 , 206 are performed by the payment processing system once the payer has been identified from the transaction record.
  • the payer mobile device 18 may provide location information without user input.
  • a message such as an SMS message may be sent to the payer's mobile device 18 , requiring an SMS response from the payer, with the location of the payer mobile device 18 being extracted from the response SMS message.
  • the merchant payment device 14 is sent a message approving the transaction (step 207 ).
  • the acceptable distance may depend on the transaction environment. For example, transactions with merchants where the payer may often be in a car, such as in a drive-through premises, may allow a greater distance than transactions where customers are generally slower or more stationary. Typical allowable distances are considered to be 100 feet for a casual restaurant, 20 feet for a retail store, and 10 feet for a fast food restaurant. The typical distance for each merchant is stored in the Payment Processing Service database 13 .
  • the transaction record may be complete when first sent from the merchant payment device 14 to the payment processing system 12 .
  • This has the advantage that a location of the mobile communications device 18 and the merchant payment device 14 are known at the immediate time of the transaction.
  • the transaction record may also be sent in multiple stages.
  • the payment processing system 12 may separately query the merchant payment device 14 for its current location, which the merchant payment device 14 may add to the transaction record in response to the query.
  • the merchant payment device 14 is used to read the payer identification device to pay a merchant (step 301 ).
  • the merchant payment device 14 looks for the payer mobile device 18 (step 302 ) (e.g., cell phone, PDA, MID, etc.) and connects to the payer mobile device 18 (step 303 ), which communicates a previous transaction history, such as an authentication history for the merchant payment device 14 (step 304 ). If the payer mobile device 18 is not present or the registration check fails, the transaction requires additional verification before being accepted.
  • the merchant payment device 14 sends the transaction record to the payment processing service 12 indicating that the payment processing system 18 can verify the transaction (step 305 ) by contacting the payer mobile device 18 using the process illustrated in FIG.
  • step 203 If the merchant payment device 14 verifies at step 304 that the payer identification device 16 has been previously authorized by the payer mobile device 18 for the merchant, the merchant payment device indicates the authorization history in the transaction record to the payment processing service.
  • the payment processing service 12 processes the transaction, include checking the authorization history. If the validations succeed, the payment processing service 12 sends to the merchant payment device 14 a message approving the transaction (step 308 ). In embodiments such as this, e.g., where independent location verification is not necessarily used in the authentication step, it is conceivable that the payment identification device 16 and the payer mobile device 18 may be merged into a single device.
  • the mobile communications device may provide additional authentication information that is unknown to the merchant and/or the merchant payment device for independent verification in the payment processing system.
  • the payer mobile device 18 may also include information about the previous transaction, if any, involving the payer identification device 16 .
  • the encrypted authentication information might include one or more of the geolocation, timestamp, merchant identity or transaction amount of the previous transaction, which is data the merchant is unlikely to possess and which ties the authentication information to the current transaction.
  • the payer mobile device 18 returns the authentication data to the merchant payment device 14 in an encrypted form not decipherable by the merchant payment device 14 .
  • the merchant payment device 14 sends to the payment processing system 12 a transaction record that includes the geolocation of the merchant payment device 14 and the encrypted authentication information provided by the payer mobile device.
  • the process at the payment processing end is shown in the flowchart 400 of FIG. 5 .
  • the payment processing service 12 receives the transaction record and decrypts the authentication data provided by the payer mobile device 18 (via the merchant payment device 14 ) (step 402 ).
  • the payment processing system 12 may verify the authentication data within the payment processing system (step 403 ), for example by retrieving details of the previous transaction from the database 13 and comparing the details with the data provided in the transaction record. In one embodiment, the previous transaction history may be sufficient to approve the transaction, without using the location data (step 404 ).
  • the location data may also be such that if the payer mobile device 14 is within the defined acceptable distance from the location reported by the merchant payment device 14 , then the payment processing system 12 may indicate to the merchant payment device 14 that the transaction is approved. Otherwise, if the authentication data fails these or other tests the payment processing service 12 may require additional verification before being accepted.
  • the system can reduce the possibility of replaying the encrypted authentication information which may lead to false or fraudulent approval of the transaction.
  • the encrypted authentication data provided by the payer mobile device 18 may be supplemented by additional encrypted data from the payer identification device 16 .
  • a payer identification device 16 may be provided with geolocation capabilities, such as from an internal GPS receiver which can be provided to the merchant payment device 14 during a transaction.
  • merchant payment device sends to the transaction processor a transaction record that includes the encrypted authentication information provided by the payer identification device 16 , and the encrypted authentication information provided by the payer mobile device 18 .
  • the payment processing service 12 processes the transaction record, including decrypting the authentication data provided by the payer identification device 16 and payer mobile device 18 .
  • the payment processing service may seek additional verification before approving the transaction. If the payment processing service 12 checks succeed, the payment processing service 12 sends to the merchant payment device 14 a message approving the transaction.
  • a merchant payment device may include a processor 61 operatively associated with a memory 62 as shown in FIG. 6 .
  • the memory 62 may store an instruction set 500 executable by the processor 61 .
  • the instruction set 500 shown in FIG. 7 , causes the processor to commence a transaction by reading a payment identification device of a payer (step 501 ).
  • a request for authentication information is sent to the mobile communications device (step 503 ) with the authentication information being received from the mobile communications device at step 504 .
  • the processor 61 then generates a transaction record incorporating the authentication information (step 505 ) and provides the transaction record to a payment processing system (step 506 ) for subsequent approval.
  • the processor 61 of the merchant device may communicate the transaction record to a processor 68 and associated memory 69 of the payment processing system 12 through a suitable communications link 65 .
  • the processor 61 of the merchant device and/or the processor 68 of the payment processing system 12 may communicate with a processor and memory of a PayerMobile Device (not shown), for retrieving the required authentication information.
  • Embodiments of the system described above can be used to improve authorization confidence for a significant fraction of credit card uses, i.e., when the cardholder presents the physical card to a merchant and for other forms of payer identification devices.
  • the system may be used to reduce credit card fraud by reducing the successful use of stolen credit cards, cloned credit cards, or fraudulent merchant card readers.
  • the information sent between various modules can be sent between the modules via at least one of a data network, the Internet, an Internet Protocol network, a wireless source, and a wired source and via plurality of protocols.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • General Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Technology Law (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Storage Device Security (AREA)

Abstract

In a transaction between a merchant and a payer, approval of the transaction may be provided by a payment processing system using authentication information provided from a mobile device of the payer. The authentication information may include a location of the payer mobile device which may be compared to a location of a merchant payment device such that the transaction is approved if the payer mobile device is within a defined distance of the merchant payment device.

Description

    CROSS REFERENCE TO RELATED APPLICATIONS
  • This application is a divisional of U.S. application Ser. No. 12/629,937, filed on Dec. 3, 2009, now pending, the disclosure of which is herein incorporated by reference in its entirety.
    • FIELD OF THE INVENTION
  • This disclosure relates to systems and methods for approving commercial transaction such as transactions between a merchant and a payer. In particular, though not exclusively, the disclosure relates to transactions involving credit cards, debit cards, and the like.
    • BACKGROUND OF THE INVENTION
  • With the exception of cash transactions, most commercial transactions between a merchant and a customer typically use some form of payment identification device such as a credit card, debit card, loyalty card, or the like. Such transactions require approval by the administrator or provider of the payment identification card. Approval may be provided by various means such as a personal identification number, password, or presence of a physical payment authorization device (e.g., credit card). These solutions don't deal effectively with some classes of fraud, such as counterfeit credit cards, and use of a real card using a fraudulent merchant account. In particular, a person frequently traveling to foreign countries must either notify the institution issuing the card before every trip or forgo the crude default protection of disallowing transactions originating in a foreign country.
  • What is required is an improved system and method for identifying fraudulent attempts to use a payment authorization device based on the location of the device.
    • SUMMARY OF THE INVENTION
  • In one aspect of the disclosure, there is provided a method for approving a transaction between a merchant payment device of a merchant and a payer identification device of a payer. The method comprises identifying the payer from the payer identification device at the merchant payment device, identifying a mobile communications device of the payer, communicating with the mobile communications device to receive a communication from the mobile communications device which indicates authentication data, and determining an approval for the transaction from the authentication data.
  • In one aspect of the disclosure, there is provided a payment processing system for approving a transaction between a merchant payment device of a merchant and a payer identification device of a payer. The payment processing system may be configured to receive a transaction record that indicates the payer identification device and the merchant payment device. The payment processing system may also be configured to analyze authentication data from a mobile communications device of the payer, approve the transaction using the authentication data, and indicate the approval of the transaction to the merchant payment device.
  • In one aspect of the disclosure, there is provided a computer-readable medium comprising computer executable instructions for execution by a processor of a device, that, when executed, cause the processor to read a payment identification device of a payer, identify a mobile communications device of the payer, request authentication information from the mobile communications device, receive the authentication information from the mobile communications device, generate a transaction record incorporating the authentication information, and provide the transaction record to a payment processing system.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • Reference will now be made, by way of example only, to specific embodiments and to the accompanying drawings in which:
  • FIG. 1 illustrates components of a transaction system of the present disclosure;
  • FIG. 2 illustrates a method for approving a transaction;
  • FIG. 3 illustrates a method for approving a transaction using location data of a payer mobile device;
  • FIG. 4 illustrates a method for approving a transaction using transaction history known to a payer mobile device;
  • FIG. 5 illustrates a payment processing system process;
  • FIG. 6 illustrates a processor and memory of a merchant payment device in communication with a processor and memory of a payment processing system; and
  • FIG. 7 illustrates an instruction set for executing on the merchant payment device processor of FIG. 6.
    •  DETAILED DESCRIPTION OF THE INVENTION
  • A system 10 in accordance with an embodiment of the disclosure is illustrated in FIG. 1. In the system 10, there is provided a payment processing system 12 that interacts with a merchant payment device 14 through known communications protocols such as TCP/IP, FTP, EFTPOS etc. During a transaction, a payer, e.g., a customer, may identify a payer identification device 16 to the transaction. The payer identification device may be a credit card, debit card, or other form of account identifier, which in some embodiments, may include a mobile telecommunications device. The merchant payment device 14 (e.g., a credit card reader, a Bluetooth radio) is able to extract from the payer identification device 16 sufficient information, e.g., account number or card number, to pay the merchant. The merchant payment device 14 may communicate the payer information to the payment processing system 12 for verification. The payment processing system 12 may include a database 13 which stores payer identification including payer name, contact details, account information, credit limit and other required information for verifying transactions of the payer. In any typical legitimate transaction between the payer and the merchant, a mobile telecommunications device 18 of the payer will be available. In an embodiment of the disclosure, the ubiquitous nature of mobile devices is taken into account so that the payer's mobile device can be used in the transaction as an additional verification tool.
  • A method for verifying a transaction using a payer's mobile device is shown in the, flowchart 100 of FIG. 2. At step 101, the merchant payment device 14 scans, reads or otherwise identifies the payer identification device 16. At step 102, a mobile communications device 18 of the payer is identified, e.g., from data associated with the payer identification device 16, or from other data provided at the transaction, e.g., by communication direct from the payer. The merchant payment device 14 contacts the payer mobile device 18 to request authentication data (step 103) which is received at step 104. The authentication data is then used to determine an approval for the transaction (step 105), e.g., by providing the authentication data to a payment processing system 12.
  • The authentication data may take several forms, including the location of the payer mobile device or previous transaction history of the payer, known to the payer mobile device, which may or may not be known to the merchant payment device.
  • The authentication data may be provided from the payer mobile device to the payment processing service or to the merchant payment device and via any necessary intermediaries such as routers, network providers and the like.
  • The method described in FIG. 2 may be used to tie validation and authorization of a payment transaction to the locations of the entities involved. That is, the method may extend transaction authorization to include geolocation information. If the payer identification device 16 (credit card, debit card, cell phone acting as a credit card, etc.) is present, the geolocation of the payer mobile device 18 is compared during the card processor's authorization processing to other geolocation information, such as the location of the merchant's store, to establish that the person authorized to execute the transaction is in approximately the same location as the payer identification device 16. In simple terms, if the authorized card holder isn't near the card reader, the transaction should either be declined or additional identity confirmation should be conducted.
  • In one embodiment, illustrated in the flowchart 200 of FIG. 3, the merchant payment device 14 may be used to read the payer identification device 16 to pay a merchant (step 201).The merchant payment device 14 sends to the payment processing system 12 a transaction record (step 202) which identifies the payer identification device 16, the merchant payment device 14 and other details of the transaction such as the amount, time, etc. The transaction record maybe used to determine a geolocation of the merchant payment device (step 203). In one embodiment, the location of the merchant payment device 14 may be known locally in the payment processing system 12, e.g., stored in a local database 13, and may be retrieved from the database 13 using an identity of the merchant or the merchant payment device 14. In an alternative embodiment, in particular where the merchant payment device 14 may be mobile, the transaction record may include the geolocation of the merchant payment device 14, e.g., as determined by an internal GPS system of the merchant payment device 14 or other location determination system.
  • At step 204, the merchant payment device 14 may identify the mobile communications device 18 and request the current location of the mobile communications device 18 (step 205) which is received at step 206 and added to the transaction record. In an alternative embodiment, the database 13 of the payment processing system 12 may store contact details for the mobile communications device 18 such that steps 204, 205, 206 are performed by the payment processing system once the payer has been identified from the transaction record.
  • In one embodiment, the payer mobile device 18 may provide location information without user input. In an alternative embodiment, a message, such as an SMS message may be sent to the payer's mobile device 18, requiring an SMS response from the payer, with the location of the payer mobile device 18 being extracted from the response SMS message. If the payer mobile device 18 is within an acceptable distance from the location reported by the merchant payment device 14, the merchant payment device 14 is sent a message approving the transaction (step 207). The acceptable distance may depend on the transaction environment. For example, transactions with merchants where the payer may often be in a car, such as in a drive-through premises, may allow a greater distance than transactions where customers are generally slower or more stationary. Typical allowable distances are considered to be 100 feet for a casual restaurant, 20 feet for a retail store, and 10 feet for a fast food restaurant. The typical distance for each merchant is stored in the Payment Processing Service database 13.
  • In one embodiment, the transaction record may be complete when first sent from the merchant payment device 14 to the payment processing system 12. This has the advantage that a location of the mobile communications device 18 and the merchant payment device 14 are known at the immediate time of the transaction. However, the transaction record may also be sent in multiple stages. For example, the payment processing system 12 may separately query the merchant payment device 14 for its current location, which the merchant payment device 14 may add to the transaction record in response to the query.
  • In one embodiment illustrated in the flowchart 300 of FIG. 4, the merchant payment device 14 is used to read the payer identification device to pay a merchant (step 301). The merchant payment device 14 looks for the payer mobile device 18 (step 302) (e.g., cell phone, PDA, MID, etc.) and connects to the payer mobile device 18 (step 303), which communicates a previous transaction history, such as an authentication history for the merchant payment device 14 (step 304). If the payer mobile device 18 is not present or the registration check fails, the transaction requires additional verification before being accepted. The merchant payment device 14 sends the transaction record to the payment processing service 12 indicating that the payment processing system 18 can verify the transaction (step 305) by contacting the payer mobile device 18 using the process illustrated in FIG. 3 (from step 203). If the merchant payment device 14 verifies at step 304 that the payer identification device 16 has been previously authorized by the payer mobile device 18 for the merchant, the merchant payment device indicates the authorization history in the transaction record to the payment processing service. The payment processing service 12 processes the transaction, include checking the authorization history. If the validations succeed, the payment processing service 12 sends to the merchant payment device 14 a message approving the transaction (step 308). In embodiments such as this, e.g., where independent location verification is not necessarily used in the authentication step, it is conceivable that the payment identification device 16 and the payer mobile device 18 may be merged into a single device.
  • In one embodiment, the mobile communications device may provide additional authentication information that is unknown to the merchant and/or the merchant payment device for independent verification in the payment processing system. When the merchant payment device 14 queries the payer mobile device 18 for the payer mobile device's authentication information, in addition to providing the payer mobile device's most recent location, the payer mobile device 18 may also include information about the previous transaction, if any, involving the payer identification device 16. For example, the encrypted authentication information might include one or more of the geolocation, timestamp, merchant identity or transaction amount of the previous transaction, which is data the merchant is unlikely to possess and which ties the authentication information to the current transaction. The payer mobile device 18 returns the authentication data to the merchant payment device 14 in an encrypted form not decipherable by the merchant payment device 14. The merchant payment device 14 sends to the payment processing system 12 a transaction record that includes the geolocation of the merchant payment device 14 and the encrypted authentication information provided by the payer mobile device. The process at the payment processing end is shown in the flowchart 400 of FIG. 5. At step 401, the payment processing service 12 receives the transaction record and decrypts the authentication data provided by the payer mobile device 18 (via the merchant payment device 14) (step 402). The payment processing system 12 may verify the authentication data within the payment processing system (step 403), for example by retrieving details of the previous transaction from the database 13 and comparing the details with the data provided in the transaction record. In one embodiment, the previous transaction history may be sufficient to approve the transaction, without using the location data (step 404). Alternatively, the location data may also be such that if the payer mobile device 14 is within the defined acceptable distance from the location reported by the merchant payment device 14, then the payment processing system 12 may indicate to the merchant payment device 14 that the transaction is approved. Otherwise, if the authentication data fails these or other tests the payment processing service 12 may require additional verification before being accepted. By providing additional encrypted authentication information unknown to the merchant payment device 14 and incorporating the encrypted data in the transaction record, the system can reduce the possibility of replaying the encrypted authentication information which may lead to false or fraudulent approval of the transaction.
  • In one embodiment, the encrypted authentication data provided by the payer mobile device 18 may be supplemented by additional encrypted data from the payer identification device 16. For example, a payer identification device 16 may be provided with geolocation capabilities, such as from an internal GPS receiver which can be provided to the merchant payment device 14 during a transaction. To reduce the possibility of replaying the encrypted authentication information, merchant payment device sends to the transaction processor a transaction record that includes the encrypted authentication information provided by the payer identification device 16, and the encrypted authentication information provided by the payer mobile device 18. The payment processing service 12 processes the transaction record, including decrypting the authentication data provided by the payer identification device 16 and payer mobile device 18. If either the payer identification device 16 or the payer mobile device 18 is outside the acceptable distance from the location reported by the merchant payment device 14, or the authentication data fails some other test, the payment processing service may seek additional verification before approving the transaction. If the payment processing service 12 checks succeed, the payment processing service 12 sends to the merchant payment device 14 a message approving the transaction.
  • The components of the system 10 may be embodied in hardware, software, firmware or a combination of hardware, software and/or firmware. In a hardware embodiment, a merchant payment device may include a processor 61 operatively associated with a memory 62 as shown in FIG. 6. The memory 62 may store an instruction set 500 executable by the processor 61. When executed, the instruction set 500, shown in FIG. 7, causes the processor to commence a transaction by reading a payment identification device of a payer (step 501). After identifying a mobile communications device of the payer (step 502), a request for authentication information is sent to the mobile communications device (step 503) with the authentication information being received from the mobile communications device at step 504. The processor 61 then generates a transaction record incorporating the authentication information (step 505) and provides the transaction record to a payment processing system (step 506) for subsequent approval.
  • As shown in FIG. 6, the processor 61 of the merchant device may communicate the transaction record to a processor 68 and associated memory 69 of the payment processing system 12 through a suitable communications link 65. In addition, the processor 61 of the merchant device and/or the processor 68 of the payment processing system 12 may communicate with a processor and memory of a PayerMobile Device (not shown), for retrieving the required authentication information.
  • Embodiments of the system described above can be used to improve authorization confidence for a significant fraction of credit card uses, i.e., when the cardholder presents the physical card to a merchant and for other forms of payer identification devices. Thus, the system may be used to reduce credit card fraud by reducing the successful use of stolen credit cards, cloned credit cards, or fraudulent merchant card readers.
  • Although embodiments of the present invention have been illustrated in the accompanied drawings and described in the foregoing description, it will be understood that the invention is not limited to the embodiments disclosed, but is capable of numerous rearrangements, modifications, and substitutions without departing from the spirit of the invention as set forth and defined by the following claims. For example, the capabilities of the invention can be performed fully and/or partially by one or more of the blocks, modules, processors or memories. Also, these capabilities may be performed in the current manner or in a distributed manner and on, or via, any device able to provide and/or receive information. Further, although depicted in a particular manner, various modules or blocks may be repositioned without departing from the scope of the current invention. Still further, although depicted in a particular manner, a greater or lesser number of modules and connections can be utilized with the present invention in order to accomplish the present invention, to provide additional known features to the present invention, and/or to make the present invention more efficient. Also, the information sent between various modules can be sent between the modules via at least one of a data network, the Internet, an Internet Protocol network, a wireless source, and a wired source and via plurality of protocols.

Claims (12)

1. A method of identifying whether to complete a first transaction between a merchant and payer based on information about a second different transaction between the merchant and the payer, the method comprising:
identifying, by a merchant payment device, the payer from a payer identification device;
identifying, by the merchant payment device, whether a mobile communication device associated with the payer is available;
responsive to identifying that the mobile communication device is available, requesting, by the merchant payment device, the information about the second different transaction between the merchant and the payer from the mobile communications device;
identifying, by the merchant payment device, reply data from the mobile communication device responsive to the requesting;
verifying, by the merchant payment device, whether the reply data includes the information about the second different transaction between the merchant and the payer, wherein the verifying includes:
generating a communication based on the reply data, wherein the communication includes encrypted information of the reply data;
transmitting the communication to a payment processing system; and
identifying, by the merchant payment device, an approval of the first transaction between the merchant and the payer responsive to a result of the verifying.
2. The method according to claim 1, wherein generating, by the merchant payment device, the communication based on the reply data further comprises:
generating, by the merchant payment device, a transaction record including details of the first transaction between the merchant and the payer;
wherein the generated communication includes the generated transaction record.
3. The method according to claim 1, further comprising transmitting, by the merchant payment device, a request for a location of the mobile communications device to the mobile communications device.
4. The method according to claim 3, wherein the communication is generated based on location data received responsive to the request for the location, and wherein the generated communication includes the location data.
5. The method according to claim 1, wherein generating, by the merchant payment device, the communication based on the reply data further comprises:
identifying, by the merchant payment device, location data that represents a current location of the mobile device; and
generating, by the merchant payment device, the communication based on the location data, wherein the generated communication includes the location data.
6. The method according to claim 1, further comprising:
determining, by the merchant payment device, a location of the mobile communications device from an incoming text message received from the mobile communications device;
wherein the generated communication includes information about the location.
7. A non-transitory computer-readable medium having instructions stored thereon that, in response to execution by a processing device, cause the processing device to perform operations for obtaining an approval of a first transaction between a merchant and a payer based on information about a second different transaction between the merchant and the payer, the operations comprising:
identifying the payer from a payer identification device;
identifying whether a mobile communication device associated with the payer is available;
responsive to identifying that the merchant payment device is available, requesting the information about the second different transaction between the merchant and the payer from the mobile communication device;
identifying reply data from the mobile communication device responsive to the requesting;
verifying whether the reply data includes the information about the second different transaction between the merchant and the payer, wherein the verifying includes:
generating a communication based on the reply data, wherein the communication includes encrypted information of the reply data; and
transmitting the communication to a remote device; and
identifying the approval of the first transaction between the merchant and the payer responsive to a result of the verifying.
8. The non-transitory computer-readable medium according to claim 7, wherein generating, by the merchant payment device, the communication based on the reply data:
generating, by the merchant payment device, a transaction record including details of the first transaction between the merchant and the payer;
wherein the generated communication includes the generated transaction record.
9. The non-transitory computer-readable medium of claim 7, wherein the operations further comprise transmitting, by the merchant payment device, a request for a location of the mobile communications device to the mobile communications device.
10. The non-transitory computer-readable medium of claim 9, wherein generated communication includes location data received responsive to the request for the location of the mobile communication device.
11. The non-transitory computer-readable medium of claim 7, wherein the generated communication includes information about a location of the mobile communication device.
12. The non-transitory computer-readable medium of claim 7, wherein the operations further comprise:
determining, by the merchant payment device, a location of the mobile communications device from an incoming text message received from the mobile communications device;
wherein the generated communication includes information about the location.
US15/828,089 2009-12-03 2017-11-30 System and method for approving transactions Abandoned US20180083787A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US15/828,089 US20180083787A1 (en) 2009-12-03 2017-11-30 System and method for approving transactions
US17/206,689 US11831791B2 (en) 2009-12-03 2021-03-19 System and method for approving transactions
US18/495,303 US20240056315A1 (en) 2009-12-03 2023-10-26 System and method for approving transactions

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US12/629,937 US20110137804A1 (en) 2009-12-03 2009-12-03 System and method for approving transactions
US15/828,089 US20180083787A1 (en) 2009-12-03 2017-11-30 System and method for approving transactions

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US12/629,937 Division US20110137804A1 (en) 2009-12-03 2009-12-03 System and method for approving transactions

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US17/206,689 Continuation US11831791B2 (en) 2009-12-03 2021-03-19 System and method for approving transactions

Publications (1)

Publication Number Publication Date
US20180083787A1 true US20180083787A1 (en) 2018-03-22

Family

ID=44082964

Family Applications (4)

Application Number Title Priority Date Filing Date
US12/629,937 Abandoned US20110137804A1 (en) 2009-12-03 2009-12-03 System and method for approving transactions
US15/828,089 Abandoned US20180083787A1 (en) 2009-12-03 2017-11-30 System and method for approving transactions
US17/206,689 Active US11831791B2 (en) 2009-12-03 2021-03-19 System and method for approving transactions
US18/495,303 Pending US20240056315A1 (en) 2009-12-03 2023-10-26 System and method for approving transactions

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US12/629,937 Abandoned US20110137804A1 (en) 2009-12-03 2009-12-03 System and method for approving transactions

Family Applications After (2)

Application Number Title Priority Date Filing Date
US17/206,689 Active US11831791B2 (en) 2009-12-03 2021-03-19 System and method for approving transactions
US18/495,303 Pending US20240056315A1 (en) 2009-12-03 2023-10-26 System and method for approving transactions

Country Status (7)

Country Link
US (4) US20110137804A1 (en)
EP (2) EP3929850A1 (en)
JP (1) JP5513626B2 (en)
KR (1) KR101437248B1 (en)
CN (1) CN102640177A (en)
BR (1) BR112012013347A2 (en)
WO (1) WO2011068624A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110189479A (en) * 2019-06-03 2019-08-30 苏州随身玩信息技术有限公司 A kind of explanation triggering method and explanation equipment

Families Citing this family (119)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9436955B2 (en) 2009-06-10 2016-09-06 Square, Inc. Methods for transferring funds using a payment service where financial account information is only entered once with a payment service and need not be re-entered for future transfers
US20110137804A1 (en) 2009-12-03 2011-06-09 Recursion Software, Inc. System and method for approving transactions
US20110212735A1 (en) * 2010-03-01 2011-09-01 Mark Buer Method and system for seamless consummation of an electronic transaction based on location related data
US10339549B1 (en) 2010-03-23 2019-07-02 Amazon Technologies, Inc. Transaction bootstrapping to create relationships
US9721283B2 (en) 2010-09-30 2017-08-01 Paypal, Inc. Location based transactions
US9454866B2 (en) 2010-10-13 2016-09-27 Square, Inc. Method of conducting financial transactions where a payer's financial account information is entered only once with a payment system
US9619797B2 (en) 2010-10-13 2017-04-11 Square, Inc. Payment methods with a payment service and tabs selected by a first party and opened by a second party at an geographic location of the first party's mobile device
GB2485139A (en) 2010-10-22 2012-05-09 Vodafone Ip Licensing Ltd Analysing and securing mobile based transactions
US20120158545A1 (en) * 2010-12-20 2012-06-21 Ebay, Inc. Mobile on-the-spot shopping and payments
US20120221464A1 (en) * 2011-02-28 2012-08-30 Research In Motion Limited Communications system for performing secure transactions based upon mobile wireless communications device proximity and related methods
US8793760B2 (en) * 2011-03-31 2014-07-29 Ebay Inc. Authenticating online users with distorted challenges based on transaction histories
US9830594B2 (en) 2011-05-17 2017-11-28 Ping Identity Corporation System and method for performing a secure transaction
US8346672B1 (en) 2012-04-10 2013-01-01 Accells Technologies (2009), Ltd. System and method for secure transaction process via mobile device
US9965768B1 (en) 2011-05-19 2018-05-08 Amazon Technologies, Inc. Location-based mobile advertising
EP2710825A4 (en) 2011-05-20 2015-05-27 Mastercard International Inc Methods, systems, and computer-readable storage media for managing risk using location, mobile, and user participating - based identity verification
WO2013022994A2 (en) * 2011-08-08 2013-02-14 Visa International Service Association Payment card with integrated chip
US8788881B2 (en) * 2011-08-17 2014-07-22 Lookout, Inc. System and method for mobile device push communications
US20130046692A1 (en) * 2011-08-19 2013-02-21 Bank Of America Corporation Fraud protection with user location verification
JP2014529964A (en) 2011-08-31 2014-11-13 ピング アイデンティティ コーポレーション System and method for secure transaction processing via a mobile device
US10089617B2 (en) * 2011-09-26 2018-10-02 First Data Corporation Systems and methods for facilitating card present transactions
US20140067570A1 (en) * 2011-10-01 2014-03-06 Uttam Sengupta System and method for mobile point of sale
CN103988218B (en) * 2011-10-31 2018-10-26 金钱及数字保护许可两合有限公司 Authentication method
US20130117155A1 (en) * 2011-11-04 2013-05-09 Michael Laine Glasgo Transaction validation by location based services (LBS)
US10373246B1 (en) * 2011-12-06 2019-08-06 West Corporation Method and apparatus of providing enhanced authentication and security for financial institution transactions
US9384330B2 (en) * 2011-12-09 2016-07-05 Verizon Patent And Licensing Inc. Providing user attributes to complete an online transaction
US8655773B1 (en) * 2012-01-26 2014-02-18 Intuit Inc. Geo-location based underwriting
GB2492614B (en) 2012-02-28 2014-01-29 Barclays Bank Plc System and method for authenticating a payment transaction
US20130268378A1 (en) * 2012-04-06 2013-10-10 Microsoft Corporation Transaction validation between a mobile communication device and a terminal using location data
US20130290176A1 (en) * 2012-04-26 2013-10-31 Ebay, Inc. Transaction service purchase options via a payment provider
US11636489B2 (en) 2013-10-19 2023-04-25 Ondot Systems Inc. System and method for authorizing a transaction based on dynamic location updates from a user device
US20190147450A1 (en) * 2012-06-19 2019-05-16 Ondot System Real-time enrichment of raw merchant data from iso transactions on data communication networks for preventing false declines in fraud prevention systems
US11899711B2 (en) 2012-06-19 2024-02-13 Ondot Systems Inc. Merchant logo detection artificial intelligence (AI) for injecting user control to ISO back-end transaction approvals between acquirer processors and issuer processors over data communication networks
CN103546878B (en) * 2012-07-12 2016-09-21 财付通支付科技有限公司 The control method of mobile data terminal and system
US20140058805A1 (en) * 2012-08-24 2014-02-27 Sap Ag Remotely authorizing a purchase from a head unit of a vehicle
US9152971B2 (en) 2012-09-26 2015-10-06 Paypal, Inc. Dynamic mobile seller routing
EP2717207A1 (en) * 2012-10-05 2014-04-09 Alcatel Lucent Cloud based payment method
AU2013263803B2 (en) * 2012-11-28 2020-04-09 Nowww.Us Pty Limited A secure processing system for use with a portable communication device
US20140244504A1 (en) * 2013-02-27 2014-08-28 Mastercard International Incorporated Methods and systems for processing electronic transactions and managing vehicle costs
US20140279494A1 (en) * 2013-03-12 2014-09-18 Mastercard International Incorporated Method and system of detecting and using geofencing for fraud detection and modeling
US20140279490A1 (en) * 2013-03-13 2014-09-18 Bank Of America Corporation Automated teller machine (atm) user location verification
WO2014159548A1 (en) * 2013-03-14 2014-10-02 Telcom Ventures, Llc Verifying a user identity using location
US10373166B2 (en) 2013-05-24 2019-08-06 Marc George System for managing personal identifiers and financial instrument use
EP2983120A4 (en) * 2013-05-31 2016-05-25 Huawei Tech Co Ltd Transfer information processing method and device
CA2854150C (en) 2013-06-10 2024-02-06 The Toronto Dominion Bank High fraud risk transaction authorization
US9519934B2 (en) 2013-07-19 2016-12-13 Bank Of America Corporation Restricted access to online banking
US9646342B2 (en) 2013-07-19 2017-05-09 Bank Of America Corporation Remote control for online banking
US20150058191A1 (en) * 2013-08-26 2015-02-26 Apple Inc. Secure provisioning of credentials on an electronic device
EP3079115A4 (en) * 2013-12-04 2017-10-11 Tendyron Corporation Method and smart card for processing transaction data
IL229832A (en) * 2013-12-05 2016-06-30 Google Inc Determining merchant identity for received merchant identifiers
CN104767717B (en) * 2014-01-03 2019-01-29 腾讯科技(深圳)有限公司 Auth method and device
US10431330B2 (en) * 2014-01-22 2019-10-01 Children's Hospital & Research Center At Oakland Method and system to provide patient information and facilitate care of a patient
FI125753B (en) * 2014-01-31 2016-02-15 Idcontrol Oy Authentication system and method for user authentication
US9223951B2 (en) 2014-02-07 2015-12-29 Bank Of America Corporation User authentication based on other applications
US9647999B2 (en) 2014-02-07 2017-05-09 Bank Of America Corporation Authentication level of function bucket based on circumstances
US9965606B2 (en) 2014-02-07 2018-05-08 Bank Of America Corporation Determining user authentication based on user/device interaction
US9313190B2 (en) 2014-02-07 2016-04-12 Bank Of America Corporation Shutting down access to all user accounts
US9317674B2 (en) 2014-02-07 2016-04-19 Bank Of America Corporation User authentication based on fob/indicia scan
US9208301B2 (en) 2014-02-07 2015-12-08 Bank Of America Corporation Determining user authentication requirements based on the current location of the user in comparison to the users's normal boundary of location
US9390242B2 (en) 2014-02-07 2016-07-12 Bank Of America Corporation Determining user authentication requirements based on the current location of the user being within a predetermined area requiring altered authentication requirements
US9213974B2 (en) * 2014-02-07 2015-12-15 Bank Of America Corporation Remote revocation of application access based on non-co-location of a transaction vehicle and a mobile device
US9331994B2 (en) 2014-02-07 2016-05-03 Bank Of America Corporation User authentication based on historical transaction data
US9286450B2 (en) 2014-02-07 2016-03-15 Bank Of America Corporation Self-selected user access based on specific authentication types
US9305149B2 (en) 2014-02-07 2016-04-05 Bank Of America Corporation Sorting mobile banking functions into authentication buckets
US9317673B2 (en) 2014-02-07 2016-04-19 Bank Of America Corporation Providing authentication using previously-validated authentication credentials
US9424572B2 (en) 2014-03-04 2016-08-23 Bank Of America Corporation Online banking digital wallet management
US9600817B2 (en) 2014-03-04 2017-03-21 Bank Of America Corporation Foreign exchange token
US9600844B2 (en) 2014-03-04 2017-03-21 Bank Of America Corporation Foreign cross-issued token
US9721248B2 (en) 2014-03-04 2017-08-01 Bank Of America Corporation ATM token cash withdrawal
US9830597B2 (en) 2014-03-04 2017-11-28 Bank Of America Corporation Formation and funding of a shared token
CN106233664B (en) * 2014-05-01 2020-03-13 维萨国际服务协会 Data authentication using an access device
US10242351B1 (en) 2014-05-07 2019-03-26 Square, Inc. Digital wallet for groups
US10026083B1 (en) 2014-05-11 2018-07-17 Square, Inc. Tab for a venue
CN105450417B (en) * 2014-09-01 2020-02-11 阿里巴巴集团控股有限公司 User behavior verification method and device under mobile scene
GB2529858A (en) * 2014-09-04 2016-03-09 Mastercard International Inc Method and system for facilitating a transaction
US9292875B1 (en) * 2014-09-23 2016-03-22 Sony Corporation Using CE device record of E-card transactions to reconcile bank record
CN105450617B (en) * 2014-09-24 2019-07-09 阿里巴巴集团控股有限公司 A kind of payment verification method, apparatus and system
CN105592002B (en) * 2014-10-21 2019-09-17 腾讯科技(深圳)有限公司 A kind of processing method and processing device of virtual resource data
CN105743851B (en) 2014-12-09 2019-06-21 阿里巴巴集团控股有限公司 Method for processing business, device and service server
US11200560B2 (en) * 2014-12-19 2021-12-14 Capital One Services, Llc Systems and methods for contactless and secure data transfer
US10157397B2 (en) * 2014-12-29 2018-12-18 Comenity Llc Collecting and analyzing data from a mobile device
US10621658B1 (en) 2015-01-15 2020-04-14 Wells Fargo Bank, N.A. Identity verification services with identity score through external entities via application programming interface
US10937025B1 (en) 2015-01-15 2021-03-02 Wells Fargo Bank, N.A. Payment services via application programming interface
US10990974B1 (en) 2015-01-15 2021-04-27 Wells Fargo Bank, N.A. Identity verification services and user information provision via application programming interface
US10997654B1 (en) 2015-01-15 2021-05-04 Wells Fargo Bank, N.A. Identity verification services through external entities via application programming interface
US9781105B2 (en) 2015-05-04 2017-10-03 Ping Identity Corporation Fallback identity authentication techniques
CN106296187A (en) * 2015-06-03 2017-01-04 深圳卡通新技术有限公司 A kind of electronic payment safety control method and system
CN105049611A (en) * 2015-06-29 2015-11-11 深圳国微技术有限公司 Payment device searching method and payment device searching device
CA2991316A1 (en) 2015-08-14 2017-02-23 Visa International Service Association System and method for location determination using mesh routing
CN105931035A (en) * 2015-08-18 2016-09-07 中国银联股份有限公司 Payment mark generation method and device
EP3139329A1 (en) * 2015-09-03 2017-03-08 Mobile Elements Corp Contactless mobile payment system
KR20170041465A (en) * 2015-10-07 2017-04-17 삼성전자주식회사 Method for providing payment service and electronic device for the same
US9820148B2 (en) 2015-10-30 2017-11-14 Bank Of America Corporation Permanently affixed un-decryptable identifier associated with mobile device
US10021565B2 (en) 2015-10-30 2018-07-10 Bank Of America Corporation Integrated full and partial shutdown application programming interface
US9729536B2 (en) 2015-10-30 2017-08-08 Bank Of America Corporation Tiered identification federated authentication network system
US9641539B1 (en) 2015-10-30 2017-05-02 Bank Of America Corporation Passive based security escalation to shut off of application based on rules event triggering
US11017376B1 (en) 2015-12-28 2021-05-25 Wells Fargo Bank, N.A. Mobile device-based dual custody verification using micro-location
US10922672B2 (en) * 2016-02-12 2021-02-16 Visa International Service Association Authentication systems and methods using location matching
US20170293913A1 (en) * 2016-04-12 2017-10-12 The Governing Council Of The University Of Toronto System and methods for validating and performing operations on homomorphically encrypted data
US10460367B2 (en) 2016-04-29 2019-10-29 Bank Of America Corporation System for user authentication based on linking a randomly generated number to the user and a physical item
US10268635B2 (en) 2016-06-17 2019-04-23 Bank Of America Corporation System for data rotation through tokenization
US11587063B1 (en) * 2016-07-06 2023-02-21 United Services Automobile Association (Usaa) Automated proximity fraud account lock systems and methods
US20180053189A1 (en) * 2016-08-18 2018-02-22 Justin T. Monk Systems and methods for enhanced authorization response
CN109891449B (en) * 2016-10-26 2023-07-07 乐天集团股份有限公司 Settlement system, settlement method, and program
US10524165B2 (en) 2017-06-22 2019-12-31 Bank Of America Corporation Dynamic utilization of alternative resources based on token association
US10511692B2 (en) 2017-06-22 2019-12-17 Bank Of America Corporation Data transmission to a networked resource based on contextual information
US10313480B2 (en) 2017-06-22 2019-06-04 Bank Of America Corporation Data transmission between networked resources
EP3633571B1 (en) 2017-06-30 2023-05-31 Huawei Technologies Co., Ltd. Nfc payment method and terminal
US20190090090A1 (en) * 2017-09-15 2019-03-21 Intel Corporation Proof of location using proximity records and distributed ledger
US11995619B1 (en) 2017-12-28 2024-05-28 Wells Fargo Bank, N.A. Account open interfaces
US11106515B1 (en) 2017-12-28 2021-08-31 Wells Fargo Bank, N.A. Systems and methods for multi-platform product integration
US11676126B1 (en) 2017-12-28 2023-06-13 Wells Fargo Bank, N.A. Account open interfaces
CN108564373A (en) * 2018-03-16 2018-09-21 阿里巴巴集团控股有限公司 Method of payment, device and equipment
US11093912B1 (en) 2018-12-10 2021-08-17 Wells Fargo Bank, N.A. Third-party payment interfaces
US11263615B2 (en) 2019-03-01 2022-03-01 Visa International Service Association System, method, and computer program product for authentication by augmented reality for fraud prevention
JP2020177288A (en) * 2019-04-15 2020-10-29 株式会社ぐるなび Payment supporting system, payment supporting method, and payment supporting program
US11044246B1 (en) 2019-06-21 2021-06-22 Wells Fargo Bank, N.A. Secure communications via third-party systems through frames
CN113496402A (en) * 2020-04-01 2021-10-12 黑杰克科技有限公司 Method and device for inputting code scanning payment amount, storage medium and terminal equipment
US11836727B1 (en) 2020-12-04 2023-12-05 Wells Fargo Bank, N.A. Location based transaction authentication
US11200306B1 (en) 2021-02-25 2021-12-14 Telcom Ventures, Llc Methods, devices, and systems for authenticating user identity for location-based deliveries

Family Cites Families (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5991411A (en) * 1996-10-08 1999-11-23 International Business Machines Corporation Method and means for limiting adverse use of counterfeit credit cards, access badges, electronic accounts or the like
IL128720A (en) 1999-02-25 2009-06-15 Cidway Technologies Ltd Method for certification of over the phone transactions
GB2361560B (en) 2000-04-17 2002-12-18 Robert Kaplan Method and apparatus for transferring or receiving data via the internet securely
JP2001306987A (en) * 2000-04-25 2001-11-02 Nec Corp Card use approval method, card settlement system and card settlement device using portable telephone set
WO2002010939A1 (en) * 2000-07-28 2002-02-07 American Calcar Inc. Technique for effective organization and communication of information
JP2002163584A (en) * 2000-11-24 2002-06-07 Fujitsu Ltd Method for card settlement using portable information terminal and its system
US8260723B2 (en) * 2000-12-01 2012-09-04 Carrott Richard F Transactional security over a network
JP2002269350A (en) * 2001-03-14 2002-09-20 Hitachi Ltd Transaction settlement method, transaction settlement system and portable communication terminal used therefor and settlement terminal for member store
KR20010110280A (en) * 2001-11-21 2001-12-12 임춘환 Credit card and on-line financial business method using on Position Information of Mobile Communication Terminal
US20030182194A1 (en) * 2002-02-06 2003-09-25 Mark Choey Method and system of transaction card fraud mitigation utilizing location based services
US20040019564A1 (en) * 2002-07-26 2004-01-29 Scott Goldthwaite System and method for payment transaction authentication
US7336973B2 (en) * 2002-10-30 2008-02-26 Way Systems, Inc Mobile communication device equipped with a magnetic stripe reader
US7784684B2 (en) * 2002-08-08 2010-08-31 Fujitsu Limited Wireless computer wallet for physical point of sale (POS) transactions
JP2004240725A (en) * 2003-02-06 2004-08-26 Mitsubishi Electric Corp Settlement processing system
KR100497223B1 (en) * 2003-03-05 2005-06-23 포인트아이 주식회사 Method and System for Providing Location-Based Credit Card Authentication Service
US7548886B2 (en) * 2003-06-12 2009-06-16 International Business Machines Corporation System and method for early detection and prevention of identity theft
KR100648064B1 (en) * 2004-01-14 2006-11-23 주식회사 케이티프리텔 mobile terminal for certification, E-commerce system and method using the terminal
JP2005229278A (en) * 2004-02-12 2005-08-25 Fuji Photo Film Co Ltd Authentication apparatus and method, and program
KR100930457B1 (en) * 2004-08-25 2009-12-08 에스케이 텔레콤주식회사 Authentication and payment system and method using mobile communication terminal
KR20060025495A (en) * 2004-09-16 2006-03-21 에스케이 텔레콤주식회사 System and method for notifying credit card transaction information by using location of mobile terminal
JP2006164035A (en) * 2004-12-09 2006-06-22 Nec Corp Credit card settlement system and credit card settlement method
US7221949B2 (en) * 2005-02-28 2007-05-22 Research In Motion Limited Method and system for enhanced security using location-based wireless authentication
WO2006109574A1 (en) * 2005-04-07 2006-10-19 Matsushita Electric Industrial Co., Ltd. False use preventing method of electronic money, electronic money settling system, mobile terminal, and electronic settling device
US8656458B2 (en) 2005-08-25 2014-02-18 Guy Heffez Method and system for authenticating internet user identity
US7503489B2 (en) * 2005-04-26 2009-03-17 Bpriv, Llc Method and system for monitoring electronic purchases and cash-withdrawals
WO2007004224A1 (en) * 2005-07-05 2007-01-11 Mconfirm Ltd. Improved location based authentication system
US20070011099A1 (en) * 2005-07-11 2007-01-11 Conrad Sheehan SECURE ELECTRONIC TRANSACTIONS BETWEEN A MOBILE DEVICE AND OTHER MOBILE, FIXED, or VIRTUAL DEVICES
US20070174082A1 (en) * 2005-12-12 2007-07-26 Sapphire Mobile Systems, Inc. Payment authorization using location data
US8924295B2 (en) * 2007-01-03 2014-12-30 At&T Intellectual Property I, L.P. User terminal location based credit card authorization servers, systems, methods and computer program products
US10055735B2 (en) * 2007-01-30 2018-08-21 Visa U.S.A., Inc. Delayed transit fare assessment
US20090143104A1 (en) * 2007-09-21 2009-06-04 Michael Loh Wireless smart card and integrated personal area network, near field communication and contactless payment system
US20090094123A1 (en) * 2007-10-03 2009-04-09 Patrick Killian Payment services provider methods in connection with personalized payments system
US20090106160A1 (en) * 2007-10-19 2009-04-23 First Data Corporation Authorizations for mobile contactless payment transactions
US20090112767A1 (en) * 2007-10-25 2009-04-30 Ayman Hammad Escrow system and method
WO2009121046A1 (en) * 2008-03-28 2009-10-01 Celltrust Corporation Systems and methods for secure short messaging service and multimedia messaging service
US10068282B2 (en) * 2009-06-24 2018-09-04 Uniloc 2017 Llc System and method for preventing multiple online purchases
US20110137804A1 (en) 2009-12-03 2011-06-09 Recursion Software, Inc. System and method for approving transactions
US20140200957A1 (en) * 2013-01-16 2014-07-17 Iqua Technologies Pty Ltd System and method for determining customer preferences

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110189479A (en) * 2019-06-03 2019-08-30 苏州随身玩信息技术有限公司 A kind of explanation triggering method and explanation equipment

Also Published As

Publication number Publication date
KR101437248B1 (en) 2014-09-02
JP5513626B2 (en) 2014-06-04
WO2011068624A3 (en) 2011-10-13
US20210211311A1 (en) 2021-07-08
EP2507754A2 (en) 2012-10-10
JP2013513158A (en) 2013-04-18
EP2507754A4 (en) 2017-04-05
US20110137804A1 (en) 2011-06-09
BR112012013347A2 (en) 2016-03-01
WO2011068624A2 (en) 2011-06-09
KR20120082024A (en) 2012-07-20
US20240056315A1 (en) 2024-02-15
CN102640177A (en) 2012-08-15
US11831791B2 (en) 2023-11-28
EP2507754B1 (en) 2021-08-25
EP3929850A1 (en) 2021-12-29

Similar Documents

Publication Publication Date Title
US11831791B2 (en) System and method for approving transactions
EP3271885B1 (en) Multi-device transaction verification
CN113507377B (en) Apparatus and method for transaction processing using a token and password based on transaction specific information
US9916578B2 (en) Method and system for processing internet purchase transactions
US20180158055A1 (en) System and method for automated analysis comparing a wireless device location with another geographic location
US10922675B2 (en) Remote transaction system, method and point of sale terminal
US10373161B2 (en) Offline mobile phone payments
RU2534943C2 (en) Prevention of false positive card detection
US20180053189A1 (en) Systems and methods for enhanced authorization response
US20040248554A1 (en) Method of paying from an account by a customer having a mobile user terminal, and a customer authenticating network
JP2016522925A (en) Fraud detection by mobile devices that do not rely on the network
JP2017117471A (en) Transaction system and method to be used with mobile equipment
KR102574524B1 (en) Remote transaction system, method and point of sale terminal
CN116074089A (en) Cloud token provisioning for multiple tokens
US20220278986A1 (en) System and method for identity verification
US10846681B2 (en) System and method for providing payment service
US20100017333A1 (en) Methods and systems for conducting electronic commerce
US20240078304A1 (en) Mobile user authentication system and method
KR101399109B1 (en) Non facing payment system and method using i-pin connection information
KR101640300B1 (en) Method of secure finance transaction based on finance window using mobile device and system performing the same
KR101623972B1 (en) System for Payment by Using Identity Code of Affiliated Store
US20220270096A1 (en) Computer-implemented method, system, and computer program product for authenticating a transaction
WO2013160830A1 (en) A server and mobile device for authorizing a transaction
KR20140065864A (en) Card payment admission system and method

Legal Events

Date Code Title Description
AS Assignment

Owner name: OL SECURITY LIMITED LIABILITY COMPANY, DELAWARE

Free format text: MERGER;ASSIGNOR:OSOCAD REMOTE LIMITED LIABILITY COMPANY;REEL/FRAME:044267/0747

Effective date: 20150826

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: FINAL REJECTION MAILED

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION